/** * Checking if the request has valid api key in the "Authorization" header */ function authenticate(\Slim\Route $route) { $headers = apache_request_headers(); $response = array(); $app = \Slim\Slim::getInstance(); if (isset($headers["Authorization"])) { $db = new DbHandler(); $api_key = $headers["Authorization"]; $user = $db->isValidApiKey($api_key); if ($user == null) { $response["error"] = true; $response["message"] = "Access Denied. Invalid Api key"; echoResponse(FAILURE_CODE, $response); $app->stop(); } else { global $user_name; $user_name = $user; } } else { $response["error"] = true; $response["message"] = "Api key is misssing"; echoResponse(404, $response); $app->stop(); } }
/** * Adding Middle Layer to authenticate every request * Checking if the request has valid api key in the 'Authorization' header */ function authenticate(\Slim\Route $route) { // Getting request headers $headers = apache_request_headers(); $response = array(); $app = \Slim\Slim::getInstance(); // Verifying Authorization Header if (isset($headers['Authorization'])) { $db = new DbHandler(); // get the api key $api_key = $headers['Authorization']; // validating api key if (!$db->isValidApiKey($api_key)) { // api key is not present in users table $response["error"] = true; $response["message"] = "Access Denied. Invalid Api key"; echoRespnse(401, $response); $app->stop(); } else { global $user_id; // get user primary key id $user_id = $db->getUserId($api_key); } } else { // api key is missing in header $response["error"] = true; $response["message"] = "Api key is misssing"; echoRespnse(400, $response); $app->stop(); } }
/** * Altenticação do usuário. * * @param \Slim\Route $route */ function authenticate(\Slim\Route $route) { // Getting request headers $headers = apache_request_headers(); // Verifying Authorization Header if (isset($headers['Authorization'])) { $db = new DbHandler(); // get the api key $apiKey = $headers['Authorization']; // validating api key if (!$db->isValidApiKey($apiKey)) { // api key is not present in users table $erro = MapaErro::singleton()->getErro(APIKEY_INVALIDA); echoRespnse(HTTP_CONFLITO, $erro); } else { global $usuarioAutenticado; // Recuperar usuário pelo ApiKey. $usuario = $db->getUserByApiKey($apiKey); if (!empty($usuario)) { $usuarioAutenticado = $usuario; } } } else { // api key is missing in header $erro = MapaErro::singleton()->getErro(NECESSARIO_LOGIN); echoRespnse(HTTP_CONFLITO, $erro); } }